His business cards should read "Call Pound before you get pwned."

Welp looks like we have your nickname Dr. Pwned

@Stay EZ My Friends I think you've misunderstood how it works. You hash the whole password, but only send the first few characters of the hash. Then, any matching hashes are sent to you, for you to compare with the full hash to see if any of them are your password. There are no changes to the input.

@Stay EZ My Friends that's entirely possible. My understanding is that the avalanche effect means that the hashes of "000" and "001" and "010" will be very different. Just by changing a single bit, you completely change the output. If I'm right about that, I don't see how it has any effect on how this checks passwords.

@Stay EZ My Friends I don't see your real examples. My understanding of how this works is that you hash your *full* password, then send the first few digits of the hash. It then compares those digits to the first digits of the hashes of *entire* passwords. Any matches, it sends back the full hashes, for you to compare with your full hash. I see nowhere that the avalanche effect comes into play, as you're always hashing the full password.

I was actually surprised that it didn't have more results than it did really

This ability is one of the racial bonuses for English characters

"Horsecorrectstaplebattery" is my choice of password

'if you think you know everything, you're not trying hard enough' - H.D.Moore .... everyone is a n00b.

@@hakology I know just enough to know how much I do not know...

Ahhhhh it’s like 2006 all over again

Nice! Its MD5 only contains "BAAE3B", which clearly demonstrates that MD5 is the inferior algorithm to SHA-1. :^) (Alas, SHA-256 is still better. But in it, I can only find "BFF". So my cryptographic horoscope is telling me Kate and I will be happier as friends? ^^)

@@nibblrrr7124 lol cryptograpgic horoscope! hashing numerology!

That guy has since changed his password to "divorcecourt".

Lol spaceballs

Mines samsonite

Hehehe

@@rjj5574 2814 times in list

what do you mean by anti-password?

@@El_Chompoit was an example of a poorly chosen password

At least they understood that part well.

So... It's a strong password?!

@@PragmaticAntithesis not anymore

still waiting on numberphile though.

It's obviously Sean's password for the Computerphile Google account

And also how is it working like how did only one person think of this

@@OrangeC7 only one that got leaked - there might be hundreds of others USING that password. ;-)

maybe that person didn't know about the computerphile channel and thought they were being clever inventing a word?

I’ll get me coat.

Pwn is a correct word, pwne is not.

@@RealCadde I know, derrr Noted, amended

That's already a deep web blackmarket site

Still allows for some nasty stuff in two cases: 1. Only one hash which starts off similarly can be found (not likely), 2. The user checks for multiple passwords. 2 is a problem because all of the hashes that the server returns can be traced back to passwords, and those can be traced back to accounts connected to them. So if the user checks multiple passwords that can be traced back to their accounts, the likelihood of identifying the user increases. But yeah, it doesn't leak the passwords that haven't previously been leaked straight away, but still might make guessing them easier. Thanks to potentially identifying the password habits of the person and having the beginning of a hash.

@@mirmbloatbust4783 I don't think 1 is a problem. If only 1 password is returned, it's still very unlikely it is yours.

@@CitronLighter Yup, I agree. 2 is the real problem.

@@mirmbloatbust4783 2 isn't much of a problem in my opinion. The k-anonymity implementation was suggested by CloudFlare due to the bandwidth usage - you literally have everything from password managers to UK government departments all using the same API. Passwords are also not unique - my weakest password is (to paraphrase) randomstring1 and the next number in the iteration has been leaked (as have some in the 80-99 range - birth years) even though I've never used them. CloudFlare have probably seen most of your passwords anyway as they are the biggest CDN, and most partial hash lookups don't end up going to the origin server because of k-anonymity and aggressive caching. That just leaves trust in the frontend of whatever is using the password API v2, and TLS stack/library/protocol. Also, haveibeenpwned doesn't make the data available to link breached accounts with leaked passwords. If you are concerned about the origin server knowing who you are based on password lookups that return positive results, we are talking about a database built from data breaches that contain your e-mail addresses and passwords. If you only have one e-mail address, it'd be a waste of resources for the API to link passwords to it based on password lookups because the service could have used the data already available.

​@@mirmbloatbust4783 i don't know much about cryptography but iirc sha1 hashes are "random" so the first part should not allow them to get the first part of the password.

ironic :)

621 times

@@HaxorBird :3

@@andrewandrei3062 a --man-- anthro of culture I see edit, YT comment formatting is a pain in the back, I swear it was double hyphens a while ago

639 now

iLoveYou*Mike

iLoveLamp

@@brokentombot I see what you did there 👨

@@mikejohnstonbob935 make sure to put the symbol in the middle of the word, instead of between words!

Also careful not to do it in the interactive Python REPL. I noticed Python 2.7 on my system has no history, but Python 3.5 and Python 3.7 both have a history. Read STDIN and type password in via request from STDIN. No shells, no REPLs, no pipes!

The only secure chip is one you build yourself.

Someone pull requested my github to fix this already! You're absolutely right, it wasn't ideal what I was doing.

Have you ever heard of sarcasm?

@MichaelKingsfordGray What! Use your real name? You would go through all the trouble to make a secure chip for a password and then give your real full name out on the internet? *facepalm*

What exactly is a private breach in this example? Did the perpetrator break some site and then give Troy and ONLY Troy their ill gotten loot? If the site owner gave the list of exposed data to Troy then in all probability that data is in the wild and may be being traded on exclusive forums, but in that instance it is only a delay to wider public dissemination.

I will not fall for the same mistake as others have! I will use "wordpass"! No one can ever guess!

@@marekmichalovic8711 , we need more smart people like you.

How often has "has been leaked 3,645,804 times." been leaked?

@@FirstDagger That might have been a decent password until you wrote it

And "123456" like 23 million. Taking a positive angle, if there are 3 billion people on the internet, that's only the dumbest 0.5% (taking into account duplicates and troll accounts).

It's amusing that Munroe's counter-example for a bad password (Tr0ub4dor&3) in *not* in the pwned list...

@@foo0815 xkcd is known for information warfare.

@@foo0815 His reasoning is quite sound though. If you can't remember the password, you might as well not have a password. Try that principle with other words in that database. Tip: use a word that's not in the dictionary (and not in use in general) in the password, that you can actually remember. (ex: "fortify persident campaign etchings"). And put your choice of easily remembered special characters in there.

@@Reelix That's why you should just include one word that's not in the dictionary.

Xileer Torias No, the point of the approach is that you calculate the entropy given that it is in a dictionary. Of course, partially deviating from the pattern by adding a non-word or special characters in the middle will still make it even stronger.

CK You can put a space before the command and it won't store it in the history

export HISTIGNORE='[ \t]*' Then put a space in front of any command you don't want in history.

Probably doesn't save you from audit log, though. Don't let people read audit log.

@@gyroninjamodder TIL. Thanks!

Thanks for pointing this out - I did eventually upload my code to github and someone already put in a pull request fixing this :)

Multi-threading!

Was fun to work with the 1TB leak few months ago to create an alphabetically ordered password list of all the unique passwords, followed up with the number they were encountered in it. Would have been swell to do that on a SSD and more memory than 4GBs in hindsight. :P

@@dustysparks No need to multithread, just have the file organised alphanumerically and do a binary search.

If the file is already sorted, then it will be extremely easy and fast to search it, even on a slow system with slow I/O. No need for multi-threading or anything special. seek into the middle of the file, read until a newline is found, see if the hash is less, equal or greater than the searched one... depending on that check you search the part before or behind the current position. Its just a binary search. This could be done by hand. If the file isn't already sorted, then fast hardware (a computer) could be useful. If only one hash is searched, just use "grep completehash pw-hash-list.txt", grep uses a quite fast algorithm (boyer moore) to find a word in a large amount of data. If the file isn't sorted and many hashes should be checked you need a lot of ram and a program called "sort", just sort the list and use the second mentioned method. ;)

There is a version sorted by hash which is of course rather fast to search through (and more easily compressed to boot)

1) Hash in sha-1. 2) Request the appropriate address. 3) Cross the list to search for a match. 4) Output the result. You should not trust anyone and do it yourself. Time to learn how to code ?

hurktang if you can audit the code there’s nothing wrong with using someone else’s

I've also written my own version. It supports checking multiple passwords with a file: github/lukas-dachtler/pwned.py

If you give me a list of all your passwords I'll check for you. 😎😎

@@hurktang "various videos", not necessarily this one. This one is fairly easy to replicate :)

Is this safe?

no one wants to hack your roblox account dude

never been leaked or never been cracked? there's a difference

There is a chance that someone have your pass but didn't make the database with it public nor shared with Troy Hunt (haveibeenpwned guy)

What was it?

mine have

Yeah that would be great. However website owners wants as many users as possible. If the user find it cumbersome to sign up, the website might loose that user and potentional revenue. We would practically have to make it punishable by law to use crappy passwords.

@@Baxtexx Carrying the death penalty for that particular genepool.

Add a space before the command to omit it from bash history, or better yet, use the getpass python library.

I'm sure there are people who use salted plaintext passwords... Always assume the worst, don't trust anyone. ;)

That's also outdated. Salting is not enough in the slightest. Use bcrypt or pbkdf2. See Tom Scott's video about password storage.

@@joonasfi Are you saying bcrypt(password) is just as strong as a bcrypt(password + salt) ?

salting? (What is this? Security for ants?) argon2 then scrypt then blowfish then bcrypt. (I doubt all four have been compromised at this stage.)

@@recklessroges "In cryptography, a salt is random data that is used as an additional input to a one-way function that "hashes" data, a password or passphrase."

jjfiaggg is a bit too brute forceable. might as well go for longer songs ittrlitjfcialnefr or talwsatgigasbasth There would be people who could figure these out from that alone but for everyone else They are very long popular songs by Queen and Led Zep

Oof

"urmom" is only 5 characters. I guess most people would use at least 6 characters.

@@sieevansetiawan4792 More sites are expecting a number and capital letter as well. Easiest way to do that is to add a 1 at the end.

I think the reputable ones encrypt/decrypt client-side using a master password. If they also use your master password to login, I believe what gets sent to the server is derived from a hash of the password, not the password itself. Though this does mean you should be extra careful choosing your master password.

Xevailo at least use keepass or better while you do your own due diligence.

gotta love our education system: take the kids that are more interested in a given topic and then punish them for expanding their knowledge

​@@666Tomato666 Well, no. It's because what he did was illegal and abusive to the system. Dumbass.

@@kanekeylewer5704 a password that can be cracked is a horrible password, not bad, horrible and using horrible passwords is like putting a post-it note on the door asking not to enter, of course a kid will want to take a look

@@666Tomato666 Any password can be cracked, dumbass.

​@@kanekeylewer5704, shut up, you petulant little child.

Too bad it's already pwned too. :/

I've already seen it. You should change it as you've been using it for far too long.

simpele word concatenations aren't considered that safe anymore. Not at length

The person who talks in this video has another video on this channel that discusses exactly that

@@JochemKuijpers if they're all words like simpele it's still probably a very viable password strategy.

Make sure you install pip with the option ticked to add it to your PATH variable.

@@jameyd916 I'm sorry, but that makes no sense. There are no options or check boxes in command line.

@@bailey125 when you install pip with the python windows installer it was checkboxes, I meant those.

@@jameyd916 Oh... I installed python years ago lol. Maybe I unchecked it when installing. I'll probably just reinstall. Thanks :)

@@jameyd916 Managed to fix the issue. Turned out that I did have pip installed on python 2.7, but I also had python 3.3 installed which does not come with pip and command line was using python 3.3, so I uninstalled 2.7 and 3.3 and installed 3.7 with pip and it all worked fine.

How do you authenticate yourself to the system that lets you remove your phone as an authenticater? I agree that there are lots of problems with passwords, but it's very hard to find something that can fully replace them. People have been trying for decades.

@@superfluidity There's no way to revoke who has access to your password except to change it. When you make an account it authenticates to that device like your desktop from there you can tell a website to authenticate with your phone. As a backup you can use a public key stored on your desktop or on a usb key to do management like locking all authenticators.

Right. If you have such a program, you should call it with `xargs python pwned.py` (which will wait for the password on stdin, before running the actual script).

leftaroundabout This is still a problem because the arguments to xargs will show up in the process list and also show up in the commandline history, so you've just moved the problem about instead of actually addressing it.

Or, you know, just... clear your history after use :D

@Chris they do show up in the process list, true. They do _not_ show up in the shell history. Or what do you mean?

that just stops it appearing in your shell history, does not stop the password appearing in the process list or audit logs (on systems doing auditing)

No, you're hearing voices. :-)

Eugen Afanasjev wow your so smart you probably have a huge weiner

What's even better is that xkcd appears as a password 49 times

@@asgaines the funniest part is that Tr0b4dor&3 actually doesn't appear at all... From the same xkcd comic...

How many times does FACEPALM show up?

Timur Sultanov At least everyone got that correct.

You’re just sending the first few characters of the hash. The server doesn’t know your password or whether it is in the list or not.

At that point, you may as well just skip using the dictionary, and just generate a random string of characters. It won't be any less memorable

@@esquilax5563 Not really, since I can easily remember the words I picked.

It's run from the client after unlock, not from their servers while encrypted.

Password managers are encrypted databases of plaintext passwords - if they only stored hashes it would be impossible to use the passwords stored.

I've always heard it said as powned. But it could be because I'm Dutch and most people read it before they heard it.

@@AnimilesYT it's not just because you're Dutch.

I've only ever heard it as "poned".

i accidentally pressed p instead of o when typing in counterstrike. it was meant to be 'owned' but it can be pronounced both ways

staple! :D

Asharas in a Box If you don’t trust him, you shouldn’t trust that either. The whole point of this is that you don’t have to trust him.

Well, BA8E, but close enough!

Wow, nice! That almost seems like somebody generated the hashes for all "iloveyou[female name]" that he could imagine, and checked them before choosing "kate", lol